cancel
Showing results for 
Search instead for 
Did you mean: 

IPFILTER auto logout

 
samarah
Frequent Advisor

IPFILTER auto logout

Good Day!
i'm currently configuring ipfilter in my hpux 11.23 RP8420 server...i have created some rules and rules are working... but after 3 mins my session and ping will automatically logout..my problem is how can i turn off the auto logout?

Below is my rules...

block in all
pass in quick on lo0 from 10.123.45.47/32 to any
pass out quick on lo0 from 10.123.45.47/32 to any

Thanks,
6 REPLIES
Horia Chirculescu
Honored Contributor

Re: IPFILTER auto logout

Hello samarah,

If you are talking about session idle timeout, there is a shell variable that controls that.

See:
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=197701

Horia.
Best regards from Romania,
Horia.
samarah
Frequent Advisor

Re: IPFILTER auto logout

thanks...

but this is IPFILTER related when i activate/loaded ng rules in /etc/opt/ipf/ipf.conf config and will it works and accessible for a while but after 3 mins.. may session were killed and automatically logout.. please take noted this only happens when i acivate the ipfilter...

any body knows on how to disable autologout? at the same i need the ipfilter still activated/enable.

Thanks,
Horia Chirculescu
Honored Contributor

Re: IPFILTER auto logout

>but this is IPFILTER related when i activate/loaded ng rules

You should check what it is happening when you enable ipf. Watch for rejected packets on lo0 (try to understand what services generated those packets).

Horia.

Best regards from Romania,
Horia.
Jim Walls
Trusted Contributor

Re: IPFILTER auto logout

lo0 is your loopback interface (127.0.0.1) - there should be no 10.0.0.0/8 trafic on it!

Do you not mean to put this rule on lan0?

samarah
Frequent Advisor

Re: IPFILTER auto logout

this is may rule defined in /etc/opt/ipf/ipf.conf

# cat /etc/opt/ipf/ipf.conf
block in all
pass in from 10.123.45.47/32 to any
pass out from 10.123.45.47/32 to any

Is this correct or do i need to put any parameters?
Horia Chirculescu
Honored Contributor

Re: IPFILTER auto logout

># cat /etc/opt/ipf/ipf.conf
>block in all
>pass in from 10.123.45.47/32 to any
>pass out from 10.123.45.47/32 to any


Like this you are blocking all inbound/oubound traffic except for this host 10.123.45.47/32

You can activate logging (man ipf.conf) by using log option on your block action.

You can use ipmon to read the log.

Horia.
Best regards from Romania,
Horia.